Wanna avoid the next Wannacry? Micro-segmentation is the answer

By Ian Russell, Customer Engagement Manager

With several South African companies affected, including top-tier organisations such as Telkom, the recent global panic around the WannaCry ransomware attack has opened many South Africans’ eyes to the very real risks of global cybercrime on businesses anywhere, anytime, and of any size.

The European Union Agency for Law Enforcement Cooperation (Europol) has reported more than 200 000 attacks in over 150 countries, with the full scope of the attack yet to be determined. Victims include organisations from all verticals, and according to many cybersecurity experts, the sad truth is that bigger and more sophisticated attacks are lurking just over the horizon.

With the number of unique users in the average organisation’s IT infrastructure growing, and considering the business world’s current fondness for mobile devices and increasing appetite for cloud computing, IT security experts are facing an uphill battle. Every email to every user and every unsecured endpoint is a potential point of ingress for a well-disguised piece of ransomware. The perimeter-based security architectures of yesteryear are simply not sufficient when any device on earth can act as an endpoint to an organisation’s systems.

There is no securing a perimeter if that perimeter is everywhere, and WannaCry’s creators took full advantage of that fact. This particular piece of ransomware spread through (and between) its victims’ systems with such speed and voracity, that by the time it was detected, in most cases it was already too late. Preventing similar occurrences in the future will depend on finding a way to stop the software dead in its tracks, and contain the spread as quickly as possible.

That’s where micro-segmentation with VMware NSX comes in. Aptronics has been certified with VMware’s Network Virtualization (NSX) Competency, after significantly investing in the skills, training and certifications to fully support the capabilities required of VMware’s NSX solution.

It has long been an aspect of cybersecurity best-practice to mitigate attacks through a least-privilege or “zero trust” model, by embedding security features directly into the data centre network, and only allowing for necessary communications between systems using an advanced firewall. Such tactics assume that all network traffic is suspicious and dramatically reduces the exposed surface area for an attack like WannaCry to enter and proliferate.

VMware’s NSX micro-segmentation technology mimics and perfects this intrinsic level of security – compartmentalising the data centre to create numerous perimeters dedicated to specific workloads, and thereby helping to effectively section off the data centre and contain the lateral spread of ransomware attacks.

The NSX approach, more and more in demand from Aptronics’ clients, is one of the best defences against intrusion available today. It is able not only to contain the spread of malware like WannaCry, it also provides new levels of visibility into ongoing attacks, identifies systems that are still infected, and lays the best possible foundation for the mitigation of the threats that all businesses know will come in the future.

If you would like to find out more about Aptronics’ security solutions, including micro-segmentation with NSX, and what they can do to protect your organisation, please feel free to get in touch.